19 matches found
beauti-full.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1079862 Security Researcher KikyTokamuro Helped patch 18 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting beauti-full.ru website and its users. Following...
demandboost.calltrack.co Cross Site Scripting vulnerability OBB-1066411
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Type confusion vulnerability instance analysis-vulnerability warning-the black bar safety net
Type confusion vulnerability in General is the type of data A as data of Type B to resolve the reference, which may lead to illicit access to data and thus execute arbitrary code. This article by IE type confusion vulnerability examples and Word type confusion vulnerability examples for analysis,...
Internet Explorer mshtml.dll Memory Corruption Vulnerability
Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...
Internet Explorer mshtml.dll Memory Corruption Vulnerability
Added: 08/01/2017 CVE: CVE-2017-0037 BID: 96088 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer has two vulnerabilities in the way objects are handled in memory. The first, CVE-2017-0059, is an...
Microsoft Internet Explorer - mshtml.dll Remote Code Execution (MS17-007) Exploit
Exploit for windows platform in category remote exploits Exploit Title: Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution MS17-007 Google Dork: NA Date: 24/7/2017 Exploit Author: Mohamed Hamdy - Nsecurity Vendor Homepage: https://www.microsoft.com Version: Microsoft Internet Explor...
Microsoft Internet Explorer MS17-007 mshtml.dll Remote Code Execution
Exploit Title: Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution MS17-007 Google Dork: NA Date: 24/7/2017 Exploit Author: Mohamed Hamdy - Nsecurity Vendor Homepage: https://www.microsoft.com Version: Microsoft Internet Explorer 11 Tested on: Windows 7 SP1 x86 CVE : CVE-2017-0037...
Information disclosure
The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and...
Memory corruption
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and...
Microsoft Internet Explorer Multiple Vulnerabilities (4013073)
This host is missing a critical security update according to Microsoft Bulletin MS17-006. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
KLA10968 Multiple vulnerabilities in Microsoft Edge
Multiple serious vulnerabilities have been found in Microsoft Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: 1. An incorrect handling of...
Microsoft Browser Memory Corruption (MS17-006: CVE-2017-0037)
A type confusion vulnerability exists in Microsoft Internet Explorer and Microsoft Edge. The vulnerability is due to an error in Microsoft Internet Explorer and Microsoft Edge while handling a specially crafted HTML file. A remote attacker can exploit this vulnerability by enticing a target user ...
CVE-2017-0037
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...
CVE-2017-0037
CVE-2017-0037 affects Microsoft Internet Explorer 10/11 and Microsoft Edge via a type confusion in mshtml.dll (Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement), enabling remote code execution through crafted CSS/JS sequences. Connected sources note public exploitation acti...
CVE-2017-0037
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...
Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement (CVE-2017-0037)
PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; function boom document.styleSheets0.media.mediaText = "aaaaaaaaaaaaaaaaaaaa"; th1.align = "right"; Note: The analysis below is based on an 64-bit IE running in single process mode running...
CVE-2017-0037
creationtimestamp| type| source ---|---|--- 2017-02-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41454 2017-10-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43125 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-04...
Microsoft Edge / Internet Explorer HandleColumnBreakOnColumnSpanningElement Type Confusion
Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement CVE-2017-0037 PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table border-spacing: 0px; function boom document.styleSheets0.media.mediaText = "aaaaaaaaaaaaaaaaaaaa"; th1.align =...
Microsoft Edge / Internet Explorer HandleColumnBreakOnColumnSpanningElement Type Confusion Exploit
Microsoft Edge and Internet Explorer suffer from a type confusion in HandleColumnBreakOnColumnSpanningElement. Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement CVE-2017-0037 PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table...